peter/spectre-meltdown-checker
1
0
Fork 0
mirror of https://github.com/speed47/spectre-meltdown-checker.git synced 2026-04-03 13:47:08 +02:00
Code Issues Projects Releases Wiki Activity

split script in multiple files, reassembled through build.sh

Browse Source
This commit is contained in:
Stéphane Lesimple
2026-03-30 20:04:16 +02:00
parent 7e660812e9
commit cebda01d05
47 changed files with 7712 additions and 7617 deletions
Download Patch File Download Diff File Expand all files Collapse all files

96
src/vulns/CVE-2019-11135.sh Normal file
View File

@@ -0,0 +1,96 @@
# vim: set ts=4 sw=4 sts=4 et:
###################
# TAA SECTION
# CVE-2019-11135 TAA (TSX asynchronous abort) - entry point
check_CVE_2019_11135() {
check_cve 'CVE-2019-11135'
}
# CVE-2019-11135 TAA (TSX asynchronous abort) - Linux mitigation check
check_CVE_2019_11135_linux() {
local status sys_interface_available msg kernel_taa kernel_taa_err
status=UNK
sys_interface_available=0
msg=''
if sys_interface_check "$VULN_SYSFS_BASE/tsx_async_abort"; then
# this kernel has the /sys interface, trust it over everything
sys_interface_available=1
status=$ret_sys_interface_check_status
fi
if [ "$opt_sysfs_only" != 1 ]; then
pr_info_nol "* TAA mitigation is supported by kernel: "
kernel_taa=''
if [ -n "$g_kernel_err" ]; then
kernel_taa_err="$g_kernel_err"
elif grep -q 'tsx_async_abort' "$g_kernel"; then
kernel_taa="found tsx_async_abort in kernel image"
fi
if [ -n "$kernel_taa" ]; then
pstatus green YES "$kernel_taa"
elif [ -n "$kernel_taa_err" ]; then
pstatus yellow UNKNOWN "$kernel_taa_err"
else
pstatus yellow NO
fi
pr_info_nol "* TAA mitigation enabled and active: "
if [ "$opt_live" = 1 ]; then
if [ -n "$ret_sys_interface_check_fullmsg" ]; then
if echo "$ret_sys_interface_check_fullmsg" | grep -qE '^Mitigation'; then
pstatus green YES "$ret_sys_interface_check_fullmsg"
else
pstatus yellow NO
fi
else
pstatus yellow NO "tsx_async_abort not found in sysfs hierarchy"
fi
else
pstatus blue N/A "not testable in offline mode"
fi
elif [ "$sys_interface_available" = 0 ]; then
# we have no sysfs but were asked to use it only!
msg="/sys vulnerability interface use forced, but it's not available!"
status=UNK
fi
if ! is_cpu_affected "$cve"; then
# override status & msg in case CPU is not vulnerable after all
pvulnstatus "$cve" OK "your CPU vendor reported your CPU model as not affected"
elif [ -z "$msg" ]; then
# if msg is empty, sysfs check didn't fill it, rely on our own test
if [ "$opt_live" = 1 ]; then
# if we're in live mode and $msg is empty, sysfs file is not there so kernel is too old
pvulnstatus "$cve" VULN "Your kernel doesn't support TAA mitigation, update it"
else
if [ -n "$kernel_taa" ]; then
pvulnstatus "$cve" OK "Your kernel supports TAA mitigation"
else
pvulnstatus "$cve" VULN "Your kernel doesn't support TAA mitigation, update it"
fi
fi
else
if [ "$opt_paranoid" = 1 ]; then
# in paranoid mode, TSX or SMT enabled are not OK, even if TAA is mitigated
if ! echo "$ret_sys_interface_check_fullmsg" | grep -qF 'TSX disabled'; then
pvulnstatus "$cve" VULN "TSX must be disabled for full mitigation"
elif echo "$ret_sys_interface_check_fullmsg" | grep -qF 'SMT vulnerable'; then
pvulnstatus "$cve" VULN "SMT (HyperThreading) must be disabled for full mitigation"
else
pvulnstatus "$cve" "$status" "$msg"
fi
else
pvulnstatus "$cve" "$status" "$msg"
fi
fi
}
# CVE-2019-11135 TAA (TSX asynchronous abort) - BSD mitigation check
check_CVE_2019_11135_bsd() {
if ! is_cpu_affected "$cve"; then
# override status & msg in case CPU is not vulnerable after all
pvulnstatus "$cve" OK "your CPU vendor reported your CPU model as not affected"
else
pvulnstatus "$cve" UNK "your CPU is affected, but mitigation detection has not yet been implemented for BSD in this script"
fi
}